Debian policy says the package name must change when the soname
changes. We don't expect the ABI to change in a stable update,
so use only 2 components in both.
It's not necessary to delete the definitions of the variables that
become unused. Nor is it necessary to move the definition of
LIBBPF_VERSION before LIB_FILES, because the latter is defined
as recursively expanded (i.e. its variable references are not
immediately expanded).
This makes the actual change we're making clearer, and should
reduce the future work to maintain this patch.
Import patches from:
https://lore.kernel.org/patchwork/cover/933178/
that allow to also load dbx and MOKX as blacklists for modules.
These patches also disable loading MOK/MOKX when secure boot is
not enabled, as the variables will not be safe, and to check the
variables attributes before accepting them.
Import patches from:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-uefi
that enable a new option that automatically loads keys from db
and MOK into the secondary keyring, so that they can be used to
verify the signature of kernel modules. Enable the required KCONFIGs.
Allows users to self-sign modules (eg: dkms).
With this option enabled, the kernel will be able to retrieve firmware
logs by looking in the coreboot table. This can be accessed from
userspace via the sysfs file /sys/firmware/log.
Requested by John Paul Adrian Glaubitz, with the explanation:
> GRUB doesn't really support compressed kernels with OpenFirmware, at
> least on SPARC. It used to work with 2.02+patches but it doesn't
> work with GRUB 2.04~rc1 and upstream said that it's not really
> supported.
The "recommends" field set in the [image] section for these
configurations overrode the field at the top level. We want
gencontrol.py to concatenate the relations in this section at all
levels.
The ConfigCore.get_merge method supports doing this, but only with
list fields So we need to specify in the config schema that these
fields are comma-separated lists.
We were building the omap-rng driver, because the same block is used
on some recent Marvell chips and HW_RANDOM_OMAP is enabled by default
if ARCH_MVEBU is enabled.
We were also building virtio-rng, but there isn't (so far as I know)
any publicly available emulation of the ARMv5 Marvell chips.
As we're about to include HWRNG drivers to the installer, disable the
whole subsystem for armel/marvell to avoid adding useless drivers.
Ben Hutchings
Salvatore Bonaccorso
Vagrant Cascadian
Luca Boccassi
Uwe Kleine-König
Alper Nebi Yasak
Romain Perier
Romain Perier
Aurelien Jarno